Impact of 2020 LDAP Channel Binding and LDAP Signing Requirements for Windows on InterScan Web Security Virtual Appliance (IWSVA) 6.5 SP2

- Updated:
- 14 Aug 2020
- Product/Version:
- Interscan Web Security Virtual Appliance 6.5
- Platform:
- N/A

Summary

According to this Security Advisory, Microsoft provides recommendations for administrators to harden the configurations for LDAP channel binding and LDAP signing on Active Directory domain controllers.

Details

After researching, IWSVA 6.5 SP2 does not support enabling LDAP Channel Binding and LDAP Signing; even though it can pass the connection test via the webUI, the core process will not work.

Therefore, if the LDAP server administrators have modified the Windows registry settings (2020 LDAP channel binding and LDAP signing requirements for Windows ) for enabling these new features, they need to roll them back to the previous ones in order for IWSVA to work properly with LDAP authentication.

In any case, as stated by Microsoft, these settings will not be automatically enforced via Windows updates:

Important: The March 10, 2020 updates, and updates in the foreseeable future, will not change LDAP signing or LDAP channel binding default policies or their registry equivalent on new or existing Active Directory domain controllers.

For more details, contact Technical Support.

Rating:

Category:

Troubleshoot

Solution Id:

000261930

Feedback

Did this article help you?

Thank you for your feedback!

What was the problem with this article?

The image(s) in the article did not display properly.

The article did not provide detailed procedure.

The article is hard to understand and follow.

The video did not play properly.

The article did not resolve my issue.

Others. Please specify.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

Thanks for voting.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.